I found this article on the Adobe Security Matters website, What is a Certified Document and when should you use it? For those who need to certify documents, you may find it interesting.
As a quick summary, it states that here are two frequent use cases for Certified Documents:
- Publishing files and want the recipients to know that the files really did originate from you and they have not been accidentally or maliciously modified since you published them.
- Distribution of electronic forms with pre-populated information, and want to make sure recipients are not accidentally or maliciously modifying your form data when returning them to you.
Entrust issues Adobe CDS Signing certificates which will help you meet the Adobe recommendations:
- Make sure your signing certificate is trusted by your recipient community.
- When certifying a document, make sure that all certificates from the trust chain are available on the signing system (desktop or server).
- When publishing a certified document with a digital signature, make sure you are online and able to reach the revocation information published by the certificate authorities.
- Utilize an RFC3161 based timestamp authority as part of the digital signature process.
